Estimated reading time: 10 minutes
Operation DRAGONCLONE: Chinese Telecommunication industry targeted via VELETRIX & VShell malware. Contents Introduction Initial Findings Infection Chain. Technical Analysis Stage 0 – Malicious ZIP File. Stage 1 – Malicious VELETRIX implant. Stage 2 – Malicious V-Shell implant. Hunting and...
Estimated reading time: 8 minutes
Kimsuky: A Continuous Threat to South Korea with Deceptive Tactics Contents Introduction Infection Chain Initial Findings Campaign 1 Looking into PDF document. Campaign 2 Looking into PDF document. Technical Analysis Campaign 1 & 2 Conclusion Seqrite Protection MITRE ATT&CK...
Estimated reading time: 7 minutes
New Steganographic Campaign Distributing Multiple Malware Recently we have observed multiple stealer malware such as Remcos, DcRAT,AgentTesla, VIPKeyLogger, etc. distributed through a steganographic campaign. On tracing the roots, the campaign has been around for a while but has not...
Estimated reading time: 6 minutes
Fake CAPTCHA Lures Victims: Lumma Stealer Abuses Clipboard and PowerShell Introduction: We recently identified a new malware campaign using fake CAPTCHA pages to deliver Lumma Stealer, an infostealer operating under the malware-as-a-service (MaaS) model, first discovered in 2022. In...
Estimated reading time: 2 minutes
Current times have witnessed a large percentage of cyber breaches resulting from human errors. For example, the famous WannaCry ransomware attack that affected the entire world in 2017 increased due to negligence of security teams in ensuring if the...
Estimated reading time: 4 minutes
New targeted ransomware called SNAKE or EKANS was found in early January. Malware is written in the Go language and it is heavily obfuscated and goes after ICS environments. Snake Ransomware seems to be distributed via a focused and...
Estimated reading time: 4 minutes
Use of Phishing emails is not new for cyber-attack and is still one of the classic strategies to compromise a victim’s machine. Cyber criminals lure victims to open email attachments (mostly Doc and XLS files) by faking them to...
Estimated reading time: 3 minutes
As the number and nature of cyber threats grows increasingly day by day, organizations have opened up to the threat caused by cyber attacks. The North Atlantic Treaty Organization, which is better known as NATO, recognized cyberspace as a...
Estimated reading time: 3 minutes
For any organization, big or small, endpoint security acts as a frontline against cyber attacks. Ultimately, endpoints refer to every device that is connected to the enterprise network. Most attacks on an organization can be traced back to devices...
Estimated reading time: 3 minutes
It is not a situation any network administrator ever wants to be in. Yet, considering the multitude of attacks nowadays, the possibility of being in such a situation is getting more and more likely. The last year has shown...